73b3d43f1d7940714e19e0f58c55682d46cf7e1c062a95b9327244b9894eddf9

Sharing

Copy URL Twitter E-mail

General

Target

tor-browser-windows-x86_64-portable-13.0.9.exe
Size

98.2MB
Sample

240125-3186hsaab9
MD5

50dc710482ab307d2b410dab7b69b9c7
SHA1

6bb0bb2fe5c72315793588d7dec8e21c94dec2fd
SHA256

73b3d43f1d7940714e19e0f58c55682d46cf7e1c062a95b9327244b9894eddf9
SHA512

ea21b3bccde43e6ba90e6acd9d3c6d9e45490d54b914ef5dfc64e173e9a22c564185122522ae416d1830a093375ded7077389312084ed5f1a27f08ead0f23694
SSDEEP

1572864:XIgQWD/tOnwcaWoeKyEoq/9ODRseQzJXp0lxYBYmWBGRjN2DHe1XwEVHrzKfK+fu:XmWUnhfRKfoWqRsp9pEftBY2a1NHPKi9

Score

7^/10

Malware Config

Targets

- Target
  
  tor-browser-windows-x86_64-portable-13.0.9.exe
- Size
  
  98.2MB
- MD5
  
  50dc710482ab307d2b410dab7b69b9c7
- SHA1
  
  6bb0bb2fe5c72315793588d7dec8e21c94dec2fd
- SHA256
  
  73b3d43f1d7940714e19e0f58c55682d46cf7e1c062a95b9327244b9894eddf9
- SHA512
  
  ea21b3bccde43e6ba90e6acd9d3c6d9e45490d54b914ef5dfc64e173e9a22c564185122522ae416d1830a093375ded7077389312084ed5f1a27f08ead0f23694
- SSDEEP
  
  1572864:XIgQWD/tOnwcaWoeKyEoq/9ODRseQzJXp0lxYBYmWBGRjN2DHe1XwEVHrzKfK+fu:XmWUnhfRKfoWqRsp9pEftBY2a1NHPKi9
Score

7^/10

evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  8KB
- MD5
  
  59888d7d17f0100e5cffe2aca0b3dfaf
- SHA1
  
  8563187a53d22f33b90260819624943204924fdc
- SHA256
  
  f9075791123be825d521525377f340b0f811e55dcec00d0e8d0347f14733f8a3
- SHA512
  
  d4ca43a00c689fa3204ce859fdd56cf47f92c10ba5cfa93bb987908a072364685b757c85febc11f8b3f869f413b07c6fcc8c3a3c81c9b5de3fba30d35495ff23
- SSDEEP
  
  96:NtrTcnv5RhqRIwfIis6o6bOl8MNysjgdKXSY7Jemv6ZwMDaH71pj:PHKxqFfzs6o5l2hKXSR6Xj
Score

1^/10
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  25KB
- MD5
  
  480304643eee06e32bfc0ff7e922c5b2
- SHA1
  
  383c23b3aba0450416b9fe60e77663ee96bb8359
- SHA256
  
  f2bb03ddaeb75b17a006bc7fc652730d09a88d62861c2681a14ab2a21ef597ce
- SHA512
  
  125c8d2ccbfd5e123ce680b689ac7a2452f2d14c5bfbb48385d64e24b28b6de97b53916c383945f2ff8d4528fef115fbb0b45a43ffa4579199e16d1004cf1642
- SSDEEP
  
  384:aZyRQ9dweQ9XYD/isN7lCEjgw4U/ktKi+RIcq1uCJOz3cDv+doYD:aR9dYIrx7lC7TU/kaG1uCJ43cb
Score

1^/10
behavioral3
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  14KB
- MD5
  
  990eb444cf524aa6e436295d5fc1d671
- SHA1
  
  ae599a54c0d3d57a2f8443ad7fc14a28fe26cac3
- SHA256
  
  46b59010064c703fbaf22b0dbafadb5bd82ab5399f8b4badcc9eeda9329dbab8
- SHA512
  
  d1e4eb477c90803ddf07d75f5d94c2dacfdcd3e786a74ea7c521401e116abf036d9399e467d2d12bd1a7c1abda2f1d6d15b40c8039fd6ec79ba5fe4119674c27
- SSDEEP
  
  192:+yWhF6MuqMgndPvg/YWkNLiY8vSKXS6Hn5gIIblaks89HAH9Edeqe4B0:zWh4MFvdw/YWCLXASKi6nAlbrAl4m
Score

1^/10
behavioral4
- Target
  
  Browser/AccessibleMarshal.dll
- Size
  
  25KB
- MD5
  
  429d42bbc7a280bec3eaeab9b622c988
- SHA1
  
  159278ede1bedb39016f360fe30deda815c0e5aa
- SHA256
  
  079c53a82465c36fc9e6292874a1c2b8f0fbf193c7e239d5ccca54cf9f364400
- SHA512
  
  cc477f6f16c80c03e1aaa974c9d4428b83699ca1b2b0198f604543a57ee4d14d3cd8f21b4d9e169dab64493f079858b1900ac8ae9243a8f7a3748b1001050b53
- SSDEEP
  
  384:prUrKdJpDPepeEOGfc54yEI9ME8JjUycDiecjY:6EpSpeEOGfKEFJjgDAE
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral5
- Target
  
  Browser/TorBrowser/Tor/PluggableTransports/conjure-client.exe
- Size
  
  8.8MB
- MD5
  
  784de8d2766ffc29d907cb3b211493e7
- SHA1
  
  6638fe303fdc03f86c5cf9fcf9850ba713f30831
- SHA256
  
  4765f971108f4ad7a930a113bcb2b4de24931783bb85badaf33cac04c4f40fff
- SHA512
  
  10af86c865896be04ca7df3d057d3d4f9c16849887edc03ac6035f6fa226ecacc9fdcbf04d57b9b18201436c72ce822c3ec2b4786817e22932283f2974a8f608
- SSDEEP
  
  49152:/WlNV9cdRzfrb/T9vO90d7HjmAFd4A64nsfJSig4UvTMg/RwdsJzLvx6sDhuGxYP:FdR81gTvxHhghNFW5Esxq/L
Score

1^/10
behavioral6
- Target
  
  Browser/TorBrowser/Tor/PluggableTransports/lyrebird.exe
- Size
  
  6.8MB
- MD5
  
  6121249b3c39f72d4c192907817a0be6
- SHA1
  
  74930451399142c683de127289ba687f1674c11e
- SHA256
  
  268432cd0518b24e3de69221fe3d6c3eebc281f1f5a6deb906459c4a08a83842
- SHA512
  
  b2c09d0eb4ebce2a687823efd42e286efabb898a7efa15ec6d661b8d285ddd4680dcb385d437c2945986519c13c34b83363500bc0691dad4487b77ed4d41d7f9
- SSDEEP
  
  49152:t5psILdrb/TrvO90d7HjmAFd4A64nsfJUKn5D5q0CIqDtrjSwcuS7wTqOrGAyqAM:xHKx5QIOrmaTqOB+0jMIEPGyM
Score

1^/10
behavioral7
- Target
  
  Browser/TorBrowser/Tor/PluggableTransports/snowflake-client.exe
- Size
  
  14.8MB
- MD5
  
  72f314c9a0d5d17c05ed500966af1296
- SHA1
  
  e92cc43421a7c707f5b6a0488f1dacf0ec95e1c3
- SHA256
  
  a72c85df80e3b77cde988d27375723166d1110be28b5b23c242988f797a81fcd
- SHA512
  
  daf70ad05aa5fdd25dad106cbd5b23b1418b249fd0875189de09a59e79852f13a0b15ca4168031347c80baa78470230127a781542c5d7a86a975436aa100550b
- SSDEEP
  
  98304:bHvHvc5cfrJIWVZUDHnA55O6lCn8IFEEEKDV9C1PwyrFw0fc:Tvpfr7VZU65O1nREISwqw0fc
Score

1^/10
behavioral8
- Target
  
  Browser/TorBrowser/Tor/PluggableTransports/webtunnel-client.exe
- Size
  
  4.1MB
- MD5
  
  779fd88013a70205bbcbc55a37c78789
- SHA1
  
  79d874de602aaf9abb778b9d1852a250e31c6762
- SHA256
  
  b3244621f07d91d3e119c7cacbb6d151fa355f719e17ac439763ec53ee31da8d
- SHA512
  
  1edd3dd1a6dee3b8c50fec1abe60c78480a848790266aca7e4676eb919ef333318f8cc192a65606ca75a7fe89da5f541f59fc353e8a0ab2102e8cec98e8d9146
- SSDEEP
  
  49152:FB7MMCnyfrb/TSvO90d7HjmAFd4A64nsfJ7bSBU1Pjxw21GAIbBL5Ii9sC/295Eg:CnqE/2boLOTEZd
Score

1^/10
behavioral9
- Target
  
  Browser/TorBrowser/Tor/tor.exe
- Size
  
  8.6MB
- MD5
  
  2c8ab678e6fdfeb2b588f6d4ce1b0a7c
- SHA1
  
  9cf5195a2f018207415883be2a89c37b74afeba1
- SHA256
  
  e9428a49752c6820567783f03c46bbe2368e6713d261d631500c88eab22aa046
- SHA512
  
  13201ed08d755a358e1502d40e214180ecf7630c591456d341af0ab26db8f6b38defcd61dcf4b69444a6d58b9c059c79ab88464923286af926f5cf2e4bdec858
- SSDEEP
  
  98304:8V8zQT6LjcYWndSfbG+QRwBH031rjmJwL4l6D3lRaf:zz86/FliwY1rjF3
Score

3^/10
behavioral10
- Target
  
  chrome/browser/content/browser/aboutlogins/components/login-filter.mjs
- Size
  
  2KB
- MD5
  
  a4bef0ef4265a6c4df7bb4bba42b2a68
- SHA1
  
  d3f8a011c29b3edb342a04e32ec7e02f80c60a36
- SHA256
  
  c5e06f0b40d26d3f4c253a80b0b1caaa6803a7359407f658e2db4361c2a7d324
- SHA512
  
  8d181765b5931e8e448a688b8db66d2a3ccb6c5b1cedc9aae88a41675d894cb73c10b22fbe084ca760e790434f46bd49c3d6bccc30f81dda4779a2bf3e660512
Score

1^/10
behavioral11
- Target
  
  Browser/d3dcompiler_47.dll
- Size
  
  4.1MB
- MD5
  
  222d020bd33c90170a8296adc1b7036a
- SHA1
  
  612e6f443d927330b9b8ac13cc4a2a6b959cee48
- SHA256
  
  4432bbd1a390874f3f0a503d45cc48d346abc3a8c0213c289f4b615bf0ee84f3
- SHA512
  
  ad8c7ce7f6f353da5e2cf816e1a69f1ec14011612e8041e4f9bb6ebed3e0fa4e4ebc069155a0c66e23811467012c201893b9b3b7a947d089ce2c749d5e8910c6
- SSDEEP
  
  49152:D5EfJYiVk9w6hAPqzag2At6i5K/8Ub6Lg3MEq/NHiQTtVr+5kb62QgdD6zoodr7P:l7iNPWHYE+Bnm8
Score

1^/10
behavioral12
- Target
  
  Browser/defaults/pref/channel-prefs.js
- Size
  
  429B
- MD5
  
  3d84d108d421f30fb3c5ef2536d2a3eb
- SHA1
  
  0f3b02737462227a9b9e471f075357c9112f0a68
- SHA256
  
  7d9d37eff1dc4e59a6437026602f1953ef58ee46ff3d81dbb8e13b0fd0bec86b
- SHA512
  
  76cb3d59b08b0e546034cbb4fb11d8cfbb80703430dfe6c9147612182ba01910901330db7f0f304a90474724f32fd7b9d102c351218f7a291d28b3a80b7ac1e5
Score

1^/10
behavioral13
- Target
  
  Browser/firefox.exe
- Size
  
  1.7MB
- MD5
  
  8657a4a8317072b9add9c91431f09de4
- SHA1
  
  415406bb72114572d689aa09c19d4c6c60673eb5
- SHA256
  
  77fe9d57114def479f661e8813f2d48aef9aec1eb62081999f0c482bf205dcc2
- SHA512
  
  89325fdd3ec217674a5b59f16b4e7b8a56cb69207f27bddc59b84e6842962f517f69560ba33181efe70095016b45e31138276c11885a80596b5f5077e35967a1
- SSDEEP
  
  24576:S7iOs4gKM8fqEneVGiidOwaJbmRKTCRj:SOOs4/qEneVGbQ4wE
Score

7^/10

evasion trojan
- Executes dropped EXE
- Checks whether UAC is enabled
  evasion trojan
behavioral14
- Target
  
  Browser/fonts/NotoSansNKo-Regular.ttf
- Size
  
  38KB
- MD5
  
  675a36c0b084fd16c8a0c466da26df2f
- SHA1
  
  08cb816c2d82646eb012477ca9180a9ccbe94f10
- SHA256
  
  c756efb2c40f754107d76fa4e401fc3b8b7edec5cc65db549d3d0236ac6d08a1
- SHA512
  
  685ac3f7e308a1d32f0bae0571378897b2b59a56da8c871d90bd568ccacbfc3d58976f33e6e3dad23e9473c6d7bf38465f257ae8824b6cc57585b769015b8508
- SSDEEP
  
  768:Fzr0MfLbiEt/HoF4ssQiwNgJ3I/R6oBWmQYYY5iH95ETFsQPRzT9xFFrDW/iSD5:RNfL3+F4+gJ26oPQYYY5iH95EB5VFBaV
Score

1^/10
behavioral15
- Target
  
  Browser/freebl3.dll
- Size
  
  686KB
- MD5
  
  ab53e44b82fc10fba2871652a940ca41
- SHA1
  
  abaf16db1d00654dee7dfe8b87ae7a2db82b8d3d
- SHA256
  
  6e9557dc3dcc1d3fde04c4276f187cef61c289baf4de02113586ad97c779742c
- SHA512
  
  0c4f2f202fbf391efce792ba80ecf77899d4ca6964e92b204dcebbb2604c7e41afe73e34db8c554a94664c6d1f9105bdbabd5375fe4f907eb1bd7b68724573df
- SSDEEP
  
  12288:Ss9mO2N5gvqlfV2wJmCcN9XrZGvnfRmVUMZ3wqnhX:SQ2NxfV2wJmCcN9XNOfAOMq+hX
Score

1^/10
behavioral16
- Target
  
  Browser/ipcclientcerts.dll
- Size
  
  319KB
- MD5
  
  8fbb85886f9ad9bf9cfbcc4a13f08aa3
- SHA1
  
  c0fb0fcf562dd9b22eacc7b18cc22e2a51819340
- SHA256
  
  53f36bd229ec98370c1b86bb26944777ad14c1038b99912b422ebc39adbfbb7a
- SHA512
  
  6156830aad8d5b3c83eb68e6d5a4d50b7f5bfa1a69deb2794cafb0726cd65419c337c62225e54b7cb8c35e15cb1770c49975baaca6432ebe78a2266a67a1103b
- SSDEEP
  
  6144:vqvaEK5F4CEy8CBqu2BoSZtB+C01ym4pN/Vp9NMG8py4S:vqvapau2BoSZM1PM8pq
Score

1^/10
behavioral17
- Target
  
  Browser/lgpllibs.dll
- Size
  
  43KB
- MD5
  
  4fbe7a921c122571493598d342901798
- SHA1
  
  fb4c7ba5cb85f09ae41eebd1b6480c8105bdd50d
- SHA256
  
  6c6c36f632197c38dc8482de6c79a9288e242a4b5b666f2717acd6a5d5cfe2b2
- SHA512
  
  b100dccf1ab5416dd4bd465c7c5dd23c0f62e80e50617c46528d6c8df14b39b1ca8c153d793238c795e9c6925a0761a0d21abc155896a267563a0728632f3244
- SSDEEP
  
  768:5LOk3s6hvnS5YRtWFaEsCI40lLodavTqXGHvHa8cTOND:5v5hvnS5TPrJ1T+
Score

1^/10
behavioral18
- Target
  
  Browser/libEGL.dll
- Size
  
  810KB
- MD5
  
  9b23acc2ed9f6f2a5e57f4d8534b12bc
- SHA1
  
  39b2ca0fe4d46207c770a3aa4c4071b48da98c18
- SHA256
  
  d72edb43703fc376a45b130f41c9d8fe15e6670c5ea54fac80894e6e6d3e335d
- SHA512
  
  ad4a3d6a9943de2bc1a9f0e4e3e7b977823f1054a40cc1577c8033e5c15f132da54250ce1a8a7415c72a6c6da6962c530fcd5b8ef3d73d1f53100303098e3f16
- SSDEEP
  
  12288:apInChtvdHLT87/o68AfI73mVFf/PtVRLZJ:apUCht1srkCVR/PtVRL
Score

1^/10
behavioral19
- Target
  
  Browser/libGLESv2.dll
- Size
  
  5.9MB
- MD5
  
  c22a9e72378b8421b8fa6f7b2cf01b86
- SHA1
  
  f2c598d704f494a94c55be2fab03652de090d0c2
- SHA256
  
  f720121dd15b99ffd1fc4505a23f6b1557e0aa62677bc7584158e3d52f9e6693
- SHA512
  
  91eb16973e4a5ec9ad6251b2d0f84beb63c42215984dd871db9ef14ffe18bfee99c391c2e5129c7f384fee57cd0441a085910a2c41b91425a5e6b60f9c286e95
- SSDEEP
  
  49152:9m2osdwa4iQl9xvX43b9X4fbhDREDgQyuMl5ful5tult4JT7tmp0mNKerNf8m:SRX4l85hIi4J2Am
Score

1^/10
behavioral20
- Target
  
  Browser/mozavcodec.dll
- Size
  
  4.1MB
- MD5
  
  d3f4fa1d889656fb2c8c3bcaac4280d5
- SHA1
  
  50c46321c3adc1340a698383b6b2d3f6b2e403d6
- SHA256
  
  ecc33c140eefe1a1616f1170a46480f31c531f510631d3dd3f4a1f1cb8c71afd
- SHA512
  
  e20d0f3c0456ef1c19afd76f0567334f6180d297c585df92e556d19a8867d7cf149ca82ccef46c0c955734e1624250bcb2b9f69b5ae4da0caf9a56b8cdc64358
- SSDEEP
  
  49152:Cy0j+nCOraO4fGYWKmk1UFdjnQt36gyUmgz9k8Ypvp2kYXqc0keGvlIereRHSKbH:JXC2aOHkuWUpvp2kQQ1yS/tqPzi+Wv
Score

1^/10
behavioral21
- Target
  
  Browser/mozavutil.dll
- Size
  
  276KB
- MD5
  
  25ed17a54ca0eb08f0bc0a98eccf4790
- SHA1
  
  a785f7934a8356f77de42a59b1af27032749baba
- SHA256
  
  8cda8582aa4e1306e74383eb5769eac6f11d1ce50b58ae86c790a2d82b5fffb5
- SHA512
  
  08c0b6c39d631334224b14f734971b5d3dcb188202d5ebd537df05168892f2d4f8ff9773279e05f3985fcafed8881b02b1ec4ba3f3c9739f4dd3c52794afe496
- SSDEEP
  
  6144:lJpqwCehKQ4AXS7nODt3JBZWVQdhV5HB5Qlqi:lJpVCekQ4AOA3fZWfQi
Score

1^/10
behavioral22
- Target
  
  Browser/mozglue.dll
- Size
  
  1.4MB
- MD5
  
  c4a8ec311f3c54ad8d9c768d954f1795
- SHA1
  
  ee041bc1313678f8d744da21d94e194991732f4c
- SHA256
  
  a2d313a9d79de2b3fa0a15189dee85b4f5e75e5a9166d2500a706450e26718be
- SHA512
  
  f529aed2d947f1bb0c6845660b3b0fbd6e34f7f1f01cf6a5cf13bd3586cd933fdcfb049c44da7900594f0e9a648efbc40057bf27213cba6f7228c8d3a3e23a04
- SSDEEP
  
  24576:JYxqtq71gOUS56XwvlOjZSS5TAwFnTT4VsWF8qRUjUwlG1:CxMFSIXwPQAwFnTTbWF8qRU
Score

1^/10
behavioral23
- Target
  
  Browser/nss3.dll
- Size
  
  2.5MB
- MD5
  
  e4204084082d135e03ae93345d559a67
- SHA1
  
  44d92396de011cb89b3e3fc615adb1416afa18e3
- SHA256
  
  e57672b60a4215defd3eca5ece7e227ebae6e1bebe1b62e19fc273bbf7aa3a8a
- SHA512
  
  887236e9a94f42d6ad9158ebb94a63efb3ef1507dc58718fbb7109d99951ac58dfe8f4d4826dd39d8d0c291a017d81a2f82b6967fb4fefefc2cc423925b4fdfc
- SSDEEP
  
  49152:8eaUhSdD3VR/6QMCwXzWjBSTo9EEH5IAWARpJ1W4gLunOSZRemkeVIKfPMSPjy0:8eaUodDlRf992cD/geBLVIgMSb
Score

1^/10
behavioral24
- Target
  
  Browser/nssckbi.dll
- Size
  
  472KB
- MD5
  
  8713bbd76e342bd66d98bdbfc6d35a39
- SHA1
  
  c180702bac5792c00b8423be9c54b4fa7e92b8df
- SHA256
  
  488b0b18fd6a7a6bcaf0cedfdd01fad23cdcc301fba54ee15e9a15f9b09ec760
- SHA512
  
  79ae532870f30950b6b3a6a7cb477767e5347e5c55a875150ab4e5b8e830068c8c0ada1249b10ecf4658f9f75832ce782952bd7b141fec009cb6734c02aa4dfb
- SSDEEP
  
  6144:jGwval2AEtNy2HaSzI+B++W1mfo9unYC/SypZViGJ243xjZTZdOp4VoA6MQS6B5l:jAl2ps2HaSzU1KEypR24hjMpT+QSQQP
Score

1^/10
behavioral25
- Target
  
  res/locale/dom/dom.properties
- Size
  
  32KB
- MD5
  
  2386d50e691eaeb1d0cb49cdaeb2eb28
- SHA1
  
  d67100273d84d24f959c91bc47c799bbacaf480a
- SHA256
  
  547a0b1c4182675e29fbfe78ff2f8b4de8a06afebaea7b8500374e6f05b27de8
- SHA512
  
  2a8e424dff09abbdf6cad0c1288613b57c398ba021ecb00be1cc2b940d3f4fc154c24a2f02f48b4b555a926917d3a169861529b3c915d38537d14ee4941cbece
- SSDEEP
  
  384:wttr42OpmSRhN/pNcurc5gFwgeNpD/e3DM35KHSIZEU7jDBI0F7oAnXrBL0gDWpB:cDEvjVRS3xVfuec2cOrBt7q6owb91yq5
Score

1^/10
behavioral26
- Target
  
  Browser/osclientcerts.dll
- Size
  
  512KB
- MD5
  
  da66e1ee800d806bf0b2159839977319
- SHA1
  
  9344f8c7e313209b15f01e41d054b1e08343570c
- SHA256
  
  0ddaaa1953618e750a3943d7f80f67ae93a0bee8bb058dd979a198da120a7565
- SHA512
  
  d1c69bf1006db311a34691bb2ce4218310cb635f2e6444a0e900e9e450d90f0ded62c25c3d5f27540991ac23788864bfb4d7e884f2773f6d77f6e71d9bc69737
- SSDEEP
  
  12288:HxBvuQKOjc+CuHXPFt3Zh2seSOCh1iotOpj:HxB2QKic+Cu3RMCao
Score

1^/10
behavioral27
- Target
  
  Browser/plugin-container.exe
- Size
  
  1.1MB
- MD5
  
  bc282766e67a2239be9053f966f370a5
- SHA1
  
  308c945a027d3edd5fdfbb1d4647cf34ae992366
- SHA256
  
  dd2f265c618edb0825eb8a830a69ab4e59df917d7adcb9e573590d265b78a9ee
- SHA512
  
  84b051a1c692a39186465335798fc351fa8c6d7116227a731b2040b10fadc4fc224722786d7bd2ee401fecce76465746949ba01927ce7f101ae28e0bc54b0fac
- SSDEEP
  
  12288:PCUMkM3saxa/LJvroZnUR0w5PBPupcXgYrcCTFmTv6fcPgmJtyofy5i:fMkUaLJvRR0w5ObOgTzPgmJEot
Score

1^/10
behavioral28
- Target
  
  Browser/qipcap64.dll
- Size
  
  13KB
- MD5
  
  c41d16564f84ca9a230e78c79d527115
- SHA1
  
  07ae4b0c3f0a3869b7c2e5e2a5f265c6b79aed39
- SHA256
  
  f4dd351af465431f92f5d145058dac9d760cdb36f5f365fd83b7f01754a1bdf7
- SHA512
  
  dcde31ef50f334a2a20b76e26af7ae8fb60c5ecdbbf81f2dcebdc9b3183d509524a3e848b7261e6932fe95634f8088ebd0d995b2e6dc642da8e76ff1c82a64ec
- SSDEEP
  
  192:2kDQK65F/yMyu6OXm3bSwcc8jODvF7Mg55C9guBLjv:9L+yuHcbSZc8Gv5V5C9gmjv
Score

1^/10
behavioral29
- Target
  
  Browser/softokn3.dll
- Size
  
  288KB
- MD5
  
  ec87fbbf8dcb4de334f29edd75f090cd
- SHA1
  
  d68dbcbce12d309d9606a0cad56522e738ff4fc6
- SHA256
  
  fbefd396a1fbe9908f27db5ae72c96a3b91121ce89dda3f6376b8698cb2f33ae
- SHA512
  
  718771c0754709419a822a2c3a7a0bcd265b05adb6aadfb9afd47fb22e2ec8d8c73246afa2386a458eab2f04bcc0e6acd598782972888270f926133b7f76d0d7
- SSDEEP
  
  6144:pDr45fcKhXkJaBkLc9ZPRI27cCmJw3hYz+xnbk:brc/mCxRYz+xn
Score

1^/10
behavioral30
- Target
  
  Browser/updater.exe
- Size
  
  462KB
- MD5
  
  0e3fb4e7ba4bcc808f0e498c64aa9439
- SHA1
  
  d9b57225ede114af943e2cc270fbbad918fe033d
- SHA256
  
  eecb8f6d751f914660eae4c18d7dfb8b7fbe9127f26fcd49a48b902a27fa5f3a
- SHA512
  
  09ca43cf08930968211e6f9ff2569372f48b9c6042aa45d30ce912a0cf12ec7055f456dfc71b9ac386d9c49bb3ca4ddd602b094db5bbccc31f06b49ab53a4803
- SSDEEP
  
  6144:oKbO3Wt4PjGLWTHVKYGUKfSegCymnzWWlBQgbhLEHPnjZ4pjSFC+T5moWbJg3Pfc:rbOM4KgsYGUKfSOymnzHHCmoWbJAdGy
Score

1^/10
behavioral31
- Target
  
  Browser/xul.dll
- Size
  
  143.5MB
- MD5
  
  bf2b30d5de6cfe1ad3d1a4520f030b7f
- SHA1
  
  9c615fd2c4a0e996faa213fcab372f21d0a61db7
- SHA256
  
  8f59d2ea67e87616dbe41b78fe1fcee8fdaa3d782e52eb97e1d1b4cc148e84ce
- SHA512
  
  a230ff556e2e83ed0ee847c6bfb4b2fc714631677d3559d7d7473bb9082f499c2471aed7b899785d89730df5238483eddddf0ea3762907eea08e9be6489aa429
- SSDEEP
  
  1572864:BlpDEIAZNcW7umJH0NLpHwjWZZu0ntonaXYX:HXN1K4S
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

Registers COM server for autorun

Executes dropped EXE

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32